Azure Application Gateway Overview

Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. It offers various layer 7 load balancing capabilities for Azure cloud and on-premises web applications. Application Gateway provides features like SSL termination, cookie-based session affinity, URL-based content routing, and multiple site hosting.

Key Benefit: Application Gateway allows you to route end-user traffic to a pool of backend servers, such as virtual machines or virtual machine scale sets, ensuring high availability and scalability for your applications.

What is Azure Application Gateway?

Azure Application Gateway is a managed service that allows for application-level routing (OSI layer 7) and load balancing. It uses a Web Application Firewall (WAF) to protect your web applications from common web exploits and vulnerabilities. It can direct traffic based on attributes like request URL, host headers, and more.

Core Capabilities

Layer 7 Load Balancing: Operates at the application layer, understanding HTTP/S traffic and making intelligent routing decisions.
SSL Termination: Offloads SSL decryption from your backend servers, simplifying certificate management and improving backend server performance.
Cookie-Based Session Affinity: Ensures that requests from a particular user are consistently sent to the same backend server.
URL-Based Content Routing: Routes requests to different backend pools based on the URL path or hostname in the request.
Multiple Site Hosting: Hosts multiple web applications on the same Application Gateway instance by listening on different ports or hostnames.
Web Application Firewall (WAF): Provides centralized protection for your web applications against common exploits, SQL injection, cross-site scripting, and more.
Health Probes: Continuously monitors the health of backend servers and only routes traffic to healthy instances.

Azure Application Gateway Architecture Diagram

Use Cases

Application Gateway is ideal for a variety of scenarios, including:

High Availability: Distributes traffic across multiple backend servers, ensuring that if one server fails, others can handle the load.
Scalability: Allows you to scale your web applications by adding or removing backend servers.
Secure Web Applications: Provides protection against common web attacks with its integrated WAF.
Microservices Architecture: Enables routing to different microservices based on request paths.
DevOps and CI/CD: Integrates well with CI/CD pipelines for seamless deployments and updates.

Tip: For network-level load balancing (OSI layer 4), consider using Azure Load Balancer, which offers high-performance, low-latency load balancing for TCP and UDP traffic.

Getting Started

To start using Azure Application Gateway, you can:

Create an Application Gateway instance in the Azure portal.
Configure listeners to accept incoming traffic.
Define backend pools of your application servers.
Set up routing rules to direct traffic to the appropriate backend pools.
Configure health probes to monitor backend server health.
(Optional) Enable and configure the Web Application Firewall for added security.

For detailed instructions, refer to the Getting Started guide.